STIGQter: STIG Summary: IBM AIX 7.x Security Technical Implementation Guide Version: 2 Release: 2 Benchmark Date: 23 Apr 2021:

SSH must display the date and time of the last successful account login to AIX system upon login.

DISA Rule

SV-215185r508663_rule

Vulnerability Number

V-215185

Group Title

SRG-OS-000297-GPOS-00115

Rule Version

AIX7-00-001024

Severity

CAT III

CCI(s)

CCI-002314 - The information system controls remote access methods.

Weight

Fix Recommendation

Edit the "/etc/ssh/sshd_config" file to add or update the following line:
PrintLastLog yes.

Restart sshd service:
# stopsrc -s sshd
# startsrc -s sshd

Check Contents

Verify the SSH daemon is configured to display last login information using command:
# cat /etc/ssh/sshd_config | grep -i ^PrintLastLog
PrintLastLog yes

If "PrintLastLog" is not set to "yes", this is a finding.

Vulnerability Number

V-215185

Documentable

False

Rule Version

AIX7-00-001024

Severity Override Guidance

Check Content Reference

Target Key

4012

SSH must display the date and time of the last successful account login to AIX system upon login.

DISA Rule

Vulnerability Number

Group Title

Rule Version

Severity

CCI(s)

Weight

Fix Recommendation

Check Contents

Vulnerability Number

Documentable

Rule Version

Severity Override Guidance

Check Content Reference

Target Key

Comments